Tipping Point 3CRX506DV-96-UK Datasheet

Category
Hardware firewalls
Type
Datasheet
OVERVIEW
Organizations of all sizes are having their networks attacked at an unprecedented rate. Attacks can
be in the form of network outages; they can claim valuable bandwidth from productivity applications
like Voice over IP (VoIP); they may even perpetrate the theft of company data and the personal and
financial information of employees and customers.
Internal abuse of network resources—unauthorized file sharing, visiting inappropriate web sites,
pervasive instant messaging—adds to the problem, resulting in an expanding threat environment
which, left ignored, seriously impacts the delivery of information and services to customers, affecting
the businesss profitability.
Because of these attacks and abuses, businesses need comprehensive network protection along with
multi-zone functionality allowing granular segmentation for better control over security policies and
network traffic. Solutions up to now have included various security appliances that were not
integrated and did not provide a single means of management.
3Com
®
X5 and X506 Unified Security Platforms deliver unprecedented threat protection for
organizations with a single site, multiple branch offices, or remote workers—helping prevent
business disruptions, revenue loss and damage to an organization’s reputation caused by security
breaches.
Built on best-of-breed services, including the award-winning 3Com TippingPoint
®
Intrusion
Protection System (IPS) architecture, the X5 and X506 Unified Security Platforms combine industry-
leading IPS capabilities with virtual private network (VPN) support, stateful packet inspection
firewall, application bandwidth management, audio/video IP multicast routing, anti-spam and web
content filtering.
This comprehensive security solution safeguards the network from attacks and misuse, and delivers
policy-based multisite connectivity for real-time business-critical applications such as Voice over IP.
High-availability features help ensure wirespeed traffic flow even in the event of network or internal
device error or loss of power to the primary device.
DATA SHEET
top to bottom: 3Com X5 and X506 Unified Security
Platforms
3COM
®
X5 AND X506
UNIFIED SECURITY
PLATFORMS
Enterprise-class unified security platform
with best-of-breed performance, ideally suited for
distributed secure converged networks
2 3COM
®
X5 AND X506 UNIFIED SECURITY PLATFORMS
KEY BENEFITS
PROACTIVE NETWORK SECURITY
The 3Com X5 and X506 devices leverage the best-in-class
TippingPoint IPS Threat Suppression Engine currently used to
protect thousands of enterprise networks throughout
the world.
The IPS continually cleanses the network at layers 2-7,
checking both Internet and intranet traffic, eradicating threats
and helping to prevent bandwidth hijacking and malicious
traffic—spyware, worms, viruses, trojans, phishing attempts,
VoIP threats and other harmful activities. Statistical, protocol
and application anomaly protection safeguards the network
against traffic surges, buffer overflows and unknown attacks
and vulnerabilities (zero-day threats).
To ensure protection against new and evolving security
threats, updated attack filters are incorporated into Digital
Vaccine
®
Attack Filter Update Services, provided by
TippingPoint, which are automatically distributed to all
subscribing 3Com X5 and X506 devices, providing pre-emptive
protection against new and zero-day vulnerabilities. The
Digital Vaccine service offers this protection and prevention on
a weekly (or more frequent) basis.
Recommended settings for IPS filters enable preconfigured
policies that can automatically and accurately block attacks
without any tuning, significantly reducing the time and
resources required to protect and maintain a healthy network.
This ensures that no “good” traffic is blocked and no “bad”
traffic is permitted, with no security expertise or fine-tuning
of settings required.
ADVANCED VPN CONNECTIONS
While most security implementations do not address security
w
ithin a VPN connection, 3Com Unified Security platforms
take a uniquely comprehensive approach to VPN-based
security by providing the ability to look inside VPN IPSec
t
unnels for threats. This thorough inspection prevents
propagation of exploits and other malware between sites and
can also be used to provide protection from security risks that
o
ccur when laptop users terminate VPN connections while
traveling. Threats that once gained access via a VPN tunnel
are now eliminated by this unique approach, offering
c
omplete security protection, ensuring that remote VPN
clients or branch offices cannot be used to propagate threats
into the LAN.
Another unique feature is prioritization of bi-directional traffic
inside the VPN tunnel, enabling high-quality secure VoIP
services and optimizing other site-to-site applications.
APPLICATION PRIORITIZATION AND
OPTIMIZATION
To control the amount of bandwidth allotted to applications
and deliver the appropriate quality of service (QoS), 3Com X5
and X506 devices can throttle down non-critical applications
such as FTP, and throttle up business-critical and latency-
sensitive ones such as VoIP. Bandwidth can be allocated for
both inbound and outbound directions, both inside and outside
VPN tunnels, to maximize control.
This policy-based traffic-shaping capability helps prevent
network congestion, giving administrators a powerful tool for
making sure that network services meet user expectations
and adhere to the policies set by network managers.
APPLICATION BLOCKING AND WEB FILTERING
The platforms enforce usage policies by blocking or rate
limiting applications such as instant messaging (IM) and
peer-to-peer file sharing that are not essential to business
and can waste bandwidth.
3Com offers an optional integrated web content filter
subscription service that limits employee access to
objectionable or unacceptable websites that could lower
productivity or cause legal problems. This protection is kept
current because content is filtered through a continually
updated database.
Web filter policies can be customized to the site requirements,
enforcing different access at a security zone or group/user
basis. Advanced integration with directory services such as
Windows Active Directory and Novell eDirectory allow fine
grain per-user control.
3 3COM
®
X5 AND X506 UNIFIED SECURITY PLATFORMS
SPAM EMAIL FILTERING
Unsolicited spam now comprises over 80% of all email traffic.
Organizations continue to react with tactical fixes, but
deterioration in the quality of service for valid network traffic
remains. Email filtering in 3Com X5 and X506 platforms uses
the best-of-breed GlobalView
Mail Reputation Service, from
Commtouch
®
, to fight spam and email-borne malware at the
perimeter. The solution has been proven to reduce up to 80%
of incoming spam email at the network entry-point, while
providing the industry's lowest rate of false positives.
GlobalView offers a unique breadth of coverage, analysis and
delivery of information in real-time. It utilizes global detection
centers that analyze hundreds of millions of messages per
day, providing visibility into network traffic in every location,
globally. This critical mass of data is analyzed using patented
technology, enabling the delivery of real-time classification for
the source of each email received. In real time, the service
determines if a particular address is sending spam and/or
legitimate email, and if it has been compromised. These
capabilities enable the solution to react to distributed spam
attacks the moment they start.
IP MULTICAST WITH VPN
X5 and X506 devices enable organizations to deliver next-
generation services such as distance learning, real-time
training, and multimedia conferencing across the network
using IP multicast in conjunction with VPN—two technologies
which up until now have been mutually exclusive. Prioritized
traffic shaping within a VPN tunnel can provide cost savings
on long distance phone calls and leverages centralized
business applications.
FLEXIBLE SECURITY ZONE CONTAINMENT
The flexible architecture of the 3Com X5 and X506 Unified
Security Platforms allows the creation of multiple security
zones—wired/wireless and student/teacher LANs and DMZs,
for example—for greater IPS and firewall control of resources
and networks. Traffic between these security zones can then
be fully inspected and prioritized using stateful packet
inspection for access control and IPS for security control.
Security zone flexibility also extends to remote access users,
who can have their VPN connection terminated to a specific
zone, based on their identity, thanks to integration with
authentication directory services. This capability enables
flexible integration with network access control (NAC)
products.
STATEFUL PACKET INSPECTION FIREWALL
3Com X5 and X506 platforms are equipped with a fully ICSA-
c
ertified stateful packet inspection firewall which provides
access control and also recognizes prioritized packet flows
and helps maintain QoS. Granular firewall rules allow the
c
ontrol of traffic down to an individual IP address, and
fine-grain control of all security services.
T
his firewall function replaces router- or switch-based access
control lists that can lower performance in those devices.
SECURITY MANAGEMENT SYSTEM
In situations where there are multiple X5 and X506, as well as
TippingPoint, security devices, the optional 3Com TippingPoint
Security Management System (SMS) offers comprehensive
management capabilities.
Delivered as a rack-mount appliance, SMS enables
administrators to monitor, configure, diagnose and create
reports. With SMS, administrators can create IPS and firewall
profiles, implement VPNs, manage bandwidth, setup web
filters and perform other tasks from a central location. SMS
comes with factory-installed software for simple installation,
and is the only management system that provides high-
availability HA/failover capabilities.
QUARANTINE PROTECTION
Often the most dangerous security threats emanate from
within the corporate network. These threats may include
worms from traveling laptops and visitor/guest PCs, or
installation of unapproved applications such as peer-to-peer
file sharing that can carry spyware.
X5 and X506 devices configured with SMS can automatically
remove an infected device from the network, or “move” it to a
quarantine VLAN where it can be safely repaired before being
allowed back on the network. Quarantine protection isolates
infected devices from the network without the need for client
software, and transparently redirects web requests so users
know they are infected or running applications which do not
conform to corporate policies. Used in conjunction with
network access control, this enables a fully-rounded pre-
and post-access control solution.
KEY BENEFITS (
CONTINUED)
3COM® WIRELESS LAN MOBILITY SYSTEM
4 3COM
®
X5 AND X506 UNIFIED SECURITY PLATFORMS
Feature Description
PROACTIVE INTRUSION PREVENTION
Based on award-winning TippingPoint Provides peace of mind by preventing business disruption, loss of revenue and damage to the
Threat Suppression Engine organization’s reputation caused by security breaches.
Packet flow inspection for Layer 2 Continuously cleanses Internet and intranet traffic, eradicating threats and helping to prevent
through Layer 7 bandwidth hijacking.
Statistical, protocol and application Safeguards against traffic surges, buffer overflows, unknown attacks and unknown vulnerabilities
anomaly protection (zero-day threats).
Quarantine protection Isolates infected devices from the network without the need for client software; transparently
redirects web requests so users know they are infected or running applications which do not
conform to corporate policies.
Digital Vaccine Attack Filter Automatically delivers new security filters that preemptively protect against new exploits;
Update Service offers updated protection and prevention on a weekly (or more frequent) basis.
Recommended settings supplied Ensures that no “good” traffic is blocked and no “bad” traffic is permitted; no security expertise
with IPS filters in Digital Vaccine or fine-tuning of settings is required.
Traffic normalization Eliminates malformed or illegal packets and performs TCP reassembly and IP defragmentation
to increase bandwidth and detect evasions.
Elimination of ad hoc patching and Increases IT productivity and saves management costs; continuously shields the network from
alert responses application and infrastructure exploits while patches are being deployed.
ADVANCED VPN
High-performance, low-latency Allows the Internet to be used as a secure connectivity mechanism for site-to-site connections
IPSec VPN and remote user connectivity.
Ability to apply IPS inside VPN tunnels Offers complete security protection, ensuring that remote VPN clients or branch offices cannot be
used to propagate threats into the LAN.
Terminate VPNs to different zones Allows security policy to be controlled on a per user or per group basis and enables integration
with network access control solutions to extend policy control to remote access users.
APPLICATION PRIORITIZATION AND OPTIMIZATION
Single, high-performance, resilient Reduces the number of devices that need to be managed and saves management costs;
platform provides greater flexibility by integrating multiple functions (e.g., IPS in VPN tunnels).
Policy-based prioritization Ensures QoS for business-critical applications and latency-sensitive services such as VoIP;
makes sure network traffic adheres to policies set by management; improves users’ productivity.
SIP/H323 application layer gateway Provides ability to identify, prioritize and protect mission-critical applications, such as VoIP.
and stateful traffic shaping
Traffic shaping inside VPN tunnels Prioritizes site-to-site voice traffic across VPN tunnels, saving costs on long-distance phone calls
and leveraging centralized business applications.
Support for PIM-DM multicast routing Enables next-generation applications such as distance-based learning, between sites over IPSec
VPN real-time training and conferencing and, at the same time, helps to preserve precious
WAN bandwidth
ENFORCE ACCEPTABLE INTERNET USAGE
Block instant messages (IM), Improves employee productivity and preserves bandwidth by restricting peer-to-peer file sharing
streaming applications and access to unauthorized applications.
Web content filtering Restricts access to non-business content, boosting employee productivity; helps reduce legal
liability and security threats related to offensive or harmful web content.
Anti-Spam filtering Stops unwanted email from reaching inboxes, improving employee productivity; helps reduce legal
liability, security threats and the strain on IT infrastructure related to unsolicited emails containing
offensive content, viruses or phishing attacks. As Spam is stopped at the connection layer, before it
enters the network, LAN and WAN bandwidth and e-mail server resource requirements are
significantly reduced.
Layer 4 through Layer 7 rate limiting Provides the ability to limit the data rate of applications like IM and streaming video to maximize
WAN bandwidth.
FEATURES HIGHLIGHTS
5 3COM
®
X5 AND X506 UNIFIED SECURITY PLATFORMS
Feature Description
FLEXIBLE SECURITY ZONE CONTAINMENT
Support for multiple DMZs Lets administrators deploy one or more DMZs for greater security of publicly available resources.
Flexible security zones Enables segmentation of the network into multiple zones, allowing greater IPS and firewall control
and enforcement between resources or networks; allows creation of wired/wireless, student/teacher, and similar
networks, for both local and remote access users.
Inter-LAN firewall and IPS Allows segmentation and inspection between IEEE 802.1Q VLAN tagged networks.
Intrinsic high-availability and Helps ensure maximum uptime and availability.
stateful network redundancy modes
NETWORK TRANSPARENCY
Seamless deployment No IP or MAC address—and no changes needed to network configuration—simplifies installation,
saves time, and helps eliminate the risk of hackers discovering devices on the network.
ENTERPRISE-CLASS HIGH AVAILABILITY
Dual-box failover Protects against loss of connectivity due to hardware failure, with automatic configuration
synchronization to simplify administration and remove scope for errors.
Dual-WAN failover Helps prevent loss of connectivity due to ISP WAN link failure.
Dual-WAN load-balancing Enables increased WAN bandwidth for remote sites with the added benefit of protection against loss
of connectivity due to ISP WAN Link failure.
O
f
f
i
c
e
L
A
N
C
l
i
e
n
t
s
I
P
P
h
o
n
e
s
V
o
i
c
e
z
o
n
e
W
i
r
e
l
e
s
s
z
o
n
e
W
o
r
k
z
o
n
e
G
u
e
s
t
z
o
n
e
D
M
Z
z
o
n
e
P
C
3
C
o
m X
5
3
C
o
m
3
1
0
8
C
o
r
d
l
e
s
s
P
h
o
n
e
S
e
r
v
e
r
3
C
o
m
W
i
r
e
l
e
s
s
7
7
60
A
c
c
e
s
s
P
o
i
n
t
3
C
R
U
S
2
4
7
5
U
i
f
i
d
G
i
b
i
W
i
l
P
E
Si
h
2
4
3
Co
m
U
n
i
f
i
e
d
G
i
g
ab
i
t
P
o
E
S
w
i
t
c
h
3
C
o
m
®
N
B
X
®
V
3
0
0
0
3
C
N
B
X
V
3
0
0
0
3
C
o
m
R
o
u
t
e
r
V
P
N
t
u
n
n
e
l
I
n
t
e
r
n
e
t
H
o
m
e
P
C
I
P
P
h
o
n
e
3
C
o
m
X
5
3
C
o
m
R
o
u
t
e
r
3COM X5 UNIFIED SECURITY PLATFORM: SMALL OFFICE
AND TELEWORKER APPLICATION
Offsite and Small Office Workers are Protected
Offsite workers can safely connect through VPN to the home office
with the 3Com X5 Unified Security Platform, knowing the X5 platform
is protecting them from internet and intranet threats. At the office, the
X5 device segments the network into multiple zones, allowing greater
IPS and firewall control.
FEATURES HIGHLIGHTS (
CONTINUED)
6 3COM
®
X5 AND X506 UNIFIED SECURITY PLATFORMS
4
3
2
Fl
o
o
r
1
H
e
a
d
q
u
a
r
t
er
s
B
ra
n
c
h
O
ff
i
c
e
1
B
ra
nch O
ff
ice
2
L
AN
C
l
i
e
n
ts
3
C
om
S
w
i
t
c
h
5
5
0
0
-
E
I
P
W
R
Wir
e
l
e
ss
P
C
3
C
o
m
W
i
r
e
les
s
L
A
N
C
o
nt
r
o
l
l
e
r
W
X
4
40
0
3C
o
m
W
i
r
e
l
e
s
s
L
A
N
S
w
i
t
c
h
M
a
na
g
e
r
W
i
r
e
l
e
s
s
L
A
N
S
w
i
t
c
h
Ma
n
a
g
e
r
L
A
N
C
li
e
n
t
s
L
A
N
Cli
ent
s
IP
P
h
on
e
s
IP
P
h
on
e
s
W
i
r
e
l
e
s
s
L
A
N
M
a
n
a
g
e
d
A
c
c
e
s
s
P
o
i
n
t
A
P
2
7
5
0
3C
o
m
®
W
i
re
l
e
s
s LA
N
M
a
n
a
g
e
d
A
c
c
e
s
s
P
o
i
n
t
A
P
3
7
5
0
Man
a
g
e
d
A
c
c
e
s
s
Po
i
nt
A
P2
7
50
M
a
n
a
g
e
d
A
c
c
e
ss
Po
i
n
t
A
P3
750
W
ir
e
l
e
s
s L
A
N
M
a
n
a
g
e
d
A
c
c
e
s
s
Po
i
nt
A
P
3
7
5
0
3
C
o
m
S
w
i
t
c
h
7
7
57
3
C
R
1
7
1
6
2
9
1
S
S
t
k
4
S
t
h
5
5
0
0
E
I
5
2
P
t
3
C
R
1
7
1
6
2
9
1
S
S
t
k
4
S
t
h
5
5
0
0
E
I
5
2
P
t
3
C
R
1
7
1
6
2
9
1
S
S
t
k
4
S
t
h
5
5
0
0
E
I
5
2
P
t
3
C
R
1
7
1
6
2
9
1
S
S
t
k
4
S
t
h
5
5
0
0
E
I
5
2
P
t
3
C
R
1
7
1
6
2
9
1
S
S
t
k
4
S
t
h
5
5
0
0
E
I
5
2
P
t
W
ir
el
e
ss
P
C
Wir
e
l
e
s
s
P
C
W
ir
el
e
s
s
P
C
3C
o
m
W
ir
e
l
e
s
s
L
A
N
S
wi
tch
WX
R10
0
IP
P
hon
es
Man
age
d
A
cc
es
s
P
oint
AP37
50
3Co
m
B
as
e
li
n
e
Sw
i
tc
h
2
4
26
-
PWR
Voi
ce
z
on
e
Wir
ele
ss
zo
n
e
Wor
k
z
one
Gue
s
t z
o
ne
DMZ
zo
n
e
3
C
o
m
S
wi
t
c
h
4
5
0
0
P
WR
3
C
R
1
7
5
7
1
9
1
S
S
t
k
3
S
t
h
4
5
0
0
P
W
R
2
6
P
t
3C
o
m W
i
re
l
es
s
L
AN
S
w
it
c
h
WX
1
2
00
3
C
R
W
X
1
2
0
6
9
5
A
W
i
r
el
es
s
L
A
N
S
w
i
t
c
h
W
X
1
2
0
0
3
C
R
W
X
4
4
0
0
9
5
A
W
i
r
e
l
e
s
s
L
A
N
C
o
n
t
r
o
l
l
e
r
W
X
4
4
0
0
P
C
V
P
N
tunnel
VP
N
tunnel
T
i
p
p
i
n
g
P
o
i
n
t
®
S
M
S
3Co
m X
5
3Co
m
X
5
3Co
m V
CX
V60
0
0
V
6
0
0
0
P
O
W
E
R
FXO
FXS
CPU
CM
3C
o
m
V
C
X
V60
0
0
FXO
3C
o
m
V
C
X
V
7
0
0
0
Se
rv
e
r
3C
o
m
3
10
8
C
or
d
l
es
s
P
h
o
n
e
3C
o
m
3
10
8
C
or
d
l
e
s
s
P
ho
n
e
3C
o
m 3
108
C
or
d
l
es
s
P
hon
e
3C
o
m 3
10
8
C
or
d
l
e
s
s
P
ho
n
e
3Co
m
3
10
8
Co
rd
l
e
s
s
P
hon
e
Ser
ve
r
I
n
t
ern
et
3C
o
m
R
out
er
3Co
m R
out
er
3C
o
m
X
5
0
6
(
d
u
a
l
b
ox
h
i
g
h
-
a
va
i
l
a
b
i
l
i
t
y
)
3C
o
m
R
o
ut
er
6040
3COM X5 AND X506 UNIFIED SECURITY PLATFORMS:
BRANCH OFFICE APPLICATION
Secure VPN Connections with Intrusion
Prevention
The 3Com X5 Unified Security Platform connects
through VPN to the 3Com X506 device in headquar-
ters. There, the TippingPoint SMS manages the X506
and remote X5 devices.
.
Flexible Security Zones
The 3Com X5 platform enables seg-
mentation of the network into multiple
zones, allowing greater IPS and fire-
wall control between resources and/or
networks.
.
7 3COM
®
X5 AND X506 UNIFIED SECURITY PLATFORMS
SPECIFICATIONS
All information in this section is relevant to all versions of the
3Com X5 and X506 Unified Security Platforms, unless stated
otherwise.
CONNECTORS
6 auto-negotiating 10BASE-T/100BASE-TX configured as auto MDI/MDIX
1 serial (RJ-45)
CONCURRENT SESSIONS
3Com X5 (25 user license): 20,000
3Com X5 (unlimited license): 60,000
3Com X506 (unlimited license): 128,000
INTRUSION PREVENTION
TippingPoint
®
Threat Suppression Engine
IPS performance:
X5: 20 Mbps
X506: 60 Mbps
Automated Digital Vaccine Attack Filter Update Service
by TippingPoint
Recommended settings for Intrusion Prevention System (IPS) filters
Zero-day filters
Level 4–7 rate limiting
Automatic quarantine
2,300+ attack filters protecting against spyware, worms, viruses,
trojans, phishing, VoIP threats, DoS, P2P, IM
FIREWALL
Firewall performance:
X5: 70 Mbps
X506: 100 Mbps
Firewall policies:
X5 (25 user): 50
X5 (unlimited user): 100
X506: 500
Security zones:
X5: 16
X506: 32
Virtual servers:
X5: 25
X506: 100
Time-based schedules
User authentication
Virtual Private Network (VPN)
VPN performance (168-bit DES):
X5: 40 Mbps
X506: 95 Mbps
Concurrent VPN client sessions:
X5 (25 user): 50
X5 (unlimited user): 128
X506: 1,000
Security Associations:
X5: 50
X506: 512
Keying modes: manual key, IKE-PSK, IKE-X509
Encryption: DES, 3DES, AES128, AES-192, AES-256
VPN client support: native IPSec, L2TP/IPSec, PPTP/MPPE
User-based zone-specific VPN termination via LDAP
WEB CONTENT FILTERING
Annual subscription service*:
Provider: WebSense; onbox subscription service*
URLs filtered: 15+ million*
Content filter categories: 40*
Custom URL black/white lists
User-based content filtering via LDAP
Keyword, wildcard, regular URL matching
ANTI SPAM
GlobalView Mail Reputation Service
Automated SMTP email Spam rating service
Greater than 80% detection rate
Industry’s lowest false positives
TRAFFIC SHAPING
Inbound and outbound rate limiting
Policy-based shaping
Traffic shaping inside VPN tunnels
NETWORKING
Deployment modes: IP transparent, route, NAT
IP router interfaces:
X5: 6
X506: 32
IP address groups:
X5: 25
X506: 200
Static routes:
X5: 100
X506: 500
Dynamic routing RIP v1 and 2, OSPF v2 including NSSA
OSPF routes:
X5: 50,000
X506: 200,000
PPPoE, L2TP, PPTP IP assignment
DHCP client
IEEE 802.1Q VLAN support
Internal multi-scope DHCP server
DHCP relay over VPN
GRE tunneling
IP multicast routing PIM-DM
IGMP v1 and 2
HIGH AVAILABILITY
Dual-box active-standby pair
Dual-box automatic configuration synchronization
Dual WAN links in active-standby fail-over pair
Dual WAN links in active-active load-balancing pair
Primary and secondary VPN peers
Configurable load-balancing
SYSTEM AND ADMINISTRATION
Web interface via HTTPS
Command line interface via console, telnet, SSH
TippingPoint Security Management System (SMS) support
RADIUS server and local database authentication
DNS support for dynamic IP allocation
Configuration snapshot and restore
Software upgrade via web interface or SMS
Software rollback
SNMP v1, 2 and 3; SNMP Enterprise MIB
Fully-integrated AdventNet Firewall Analyzer support
DIMENSIONS
X5
Height: 4.3 cm (1.7 in)
Width: 29.5 cm (11.6 in)
Depth: 17.5 cm (6.9 in)
Weight: 1.1 kg (2.5 lb)
X506
Height: 4.3 cm (1.7 in)
Width: 44.5 cm (17.5 in)
Depth: 30.5 cm (12.0 in)
Weight: 4.1 kg (9.0 lb)
POWER SUPPLY
X5
100-240 VAC auto-ranging, 50/60 Hz
Current rating: 0.8-1.2 Amps, max
Power consumption: 30 W, max
X506
100-240 VAC auto-ranging, 50/60 Hz
Current rating: 1-2 Amps, max
Power consumption: 50 W, max
Environmental Requirements
Operating temperature: to 40°C (32° to 104°F)
Storage temperature: -20° to 80°C (-4° to 176°F)
Humidity: 5% to 95% non-condensing
1 year of updates included
with purchase of device;
purchase additional
licenses to extend
protection
* 30-day trial included;
requires purchase of
content filter license for
continued protection
30-day trial included;
requires purchase of
anti-Spam filter license
for continued protection
PRODUCT DESCRIPTION 3COM SKU
3Com X5 Unified Security Platform 3CRX5DV-25-96
(25-user license; includes one year of Digital Vaccine updates)
3Com X5 Unified Security Platform 3CRX5DV-U-96
(unrestricted user license; includes one year of Digital Vaccine updates)
3Com X506 Unified Security Platform 3CRX506DV-96
(unrestricted user license; includes one year of Digital Vaccine updates)
Product Options
3Com X5 Digital Vaccine Attack Filter Update Service 3CX5-DV-E
(One year of Digital Vaccine IPS updates)
3Com X506 Digital Vaccine Attack Filter Update Service 3CX506-DV-E
(One year of Digital Vaccine IPS updates)
3Com X5 25-User to Unrestricted User Upgrade License 3CX5-25UPGU-E
(Upgrades 3CRTPX5-25-96 to support unrestricted users)
3Com X5 Anti-Spam Filter Update Service 3CX5-AS-E
(One year of anti-Spam filtering)
PRODUCT DESCRIPTION 3COM SKU
3Com X506 Anti-Spam Filter Update Service 3CX506-AS-E
(One year of anti-Spam filtering)
3Com X5 Content Filter Update Service 3CX5-CF-E
(One year of Web content classification and filtering)
3Com X506 Content Filter Update Service 3CX506-CF-E
(One year of Web content classification and filtering)
3Com Global Services
3Com Network Health Check, Installation Services,
and Express Maintenance www.3com.com/services_quote
3Com University Courses www.3com.com/3comu
3Com Corporation, Corporate Headquarters, 350 Campus Drive, Marlborough, MA 01752-3064
3Com is publicly traded on NASDAQ under the symbol COMS.
Copyright © 2009 3Com Corporation. All rights reserved. 3Com, the 3Com logo, TippingPoint, and Digital Vaccine are registered trademarks of 3Com
Corporation in various countries worldwide. GlobalView is a trademark, and Commtouch is a registered trademark, of Commtouch Software Ltd.
All other company and product names may be trademarks of their respective companies. While every effort is made
to ensure the information given is accurate, 3Com does not accept liability for any errors or
mistakes which may arise. All specifications are subject to change without notice.
Visit www.3com.com for more information about 3Com solutions.
401013-009 03/09
8 3COM
®
X5 AND X506 UNIFIED SECURITY PLATFORMS
ORDERING INFORMATION
RELIABILITY
(MTBF @25°C)
X5: 22 years (193,000 hours)
X506: 13 years (115,000 hours)
EMISSIONS / AGENCY APPROVALS
FCC Part 15 Class B
EN 55022 Class B
ICES-003 Class B
VCCI Class B
EN 61000-3-2
EN 61000-3-3
IMMUNITY
Product conforms to EN 55024
SAFETY AGENCY CERTIFICATIONS
UL 60950-1
IEC 60950-1
EN 60950-1
CAN/CSA-C22.2 No. 60950-1-03
STANDARDS AND PROTOCOLS
IEEE standards
IEEE 802.1Q (VLANs)
IEEE 802.3 Ethernet
IEEE 802.3i (10BASE-T)
IEEE 802.3u (Fast Ethernet)
RFC standards
RFC 0768 (User Datagram Protocol)
RFC 0791 (Internet Protocol)
RFC 792, 950, 1256 (Internet Control Message Protocol)
RFC 0793 (Transmission Control Protocol)
RFC 1157 (Simple Network Management Protocol)
RFC 1213 (Management Information Base for Network Management
of TCP/IP-based internets: MIB-II)
RFC 1722, 2082, 2453 (RIP)
RFC 2131 (DHCP)
RFC 2236 (IGMP)
RFC 2403 (Use of HMAC-MD5-96 within ESP and AH)
RFC 2404 (Use of HMAC-SHA-1-96 within ESP and AH)
RFC 2405 (ESP DES-CBC Cipher Algorithm With Explicit IV)
RFC 2410 (NULL Encryption Algorithm and Its Use With IPsec)
RFC 2516 (PPPoE)
RFC 2541 (ESP CBC-Mode Cipher Algorithms)
RFC 2637 (PPTP)
RFC 2661 (L2TP)
RFC 2784 (Generic Routing Encapsulation)
RFC 3022 (Network Address Translation)
RFC 3164 (Syslog)
RFC 3193 (Securing L2TP using IPsec)
RFC 3261 (SIP)
RFC 3947 (Negotiation of NAT-Traversal in the IKE)
RFC 3948 (UDP Encapsulation of IPsec ESP Packets)
RFC 3973 (PIM-DM)
RFC 4109 (Algorithms for Internet Key Exchange version 1)
RFC 4301 (Security Architecture for the Internet Protocol)
RFC 4302 (IP Authentication Header)
RFC 4303 (IP Encapsulating Security Payload)
PACKAGE CONTENTS
X5
3Com X5 Unified Security Platform
Power adapter
X506
3Com X506 Unified Security Platform
Power cord
WARRANTY
One Year Limited Hardware Warranty
Limited Software Warranty for 90 days
90 days free technical support
Refer to www.3com.com/warranty for details.
  • Page 1 1
  • Page 2 2
  • Page 3 3
  • Page 4 4
  • Page 5 5
  • Page 6 6
  • Page 7 7
  • Page 8 8

Tipping Point 3CRX506DV-96-UK Datasheet

Category
Hardware firewalls
Type
Datasheet

Ask a question and I''ll find the answer in the document

Finding information in a document is now easier with AI